CVE-2026-31431: Linux Kernel

What is CVE-2026-31431?

Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.

CVSS7.8 NVD 3.1

SeverityHIGH

Exploitation In the wild In CISA KEV

Triage statusActive Exploit

ActionPatch immediately

CVSS vectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA Known Exploited Vulnerability

Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability

Added to KEV2026-05-01

Federal patch deadline2026-05-15

Known ransomware useUnknown

Affected product

Linux Kernel

Remediation Steps

Identify all Linux systems running vulnerable kernel versions across your infrastructure
Prioritize patching systems with local user access or multi-tenant configurations
Apply kernel security updates from distribution vendors (RHEL, Ubuntu, Debian, etc.)
Schedule reboot windows to activate patched kernels and verify successful application
Monitor for suspicious local privilege escalation attempts in system audit logs

References

Coverage on defend.network

Vulnerability Priority Report – Week 1 of May 2026 (May 4 – 10)
Linux root vulnerability in KEV; cPanel mass-exploitation continues (2026-05-04)
PyTorch Lightning & SAP supply-chain; AI cuts attack time to 24h (2026-05-01)

🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.